Items tagged with security

Last week, cybersecurity researchers discovered an open Elasticsearch database that exposed an extensive fake Amazon reviews scam ring. The database contained millions of direct messages between Amazon vendors and upwards of 200,000 customers willing to provide fake reviews in exchange for free products. It is presently unknown who owns the database, but it shows the nasty underbelly of some Amazon vendors and online retail. The SafetyDetectives cybersecurity team’s discovery of this Elasticsearch database proved to be incredibly interesting and valuable as it outlined how Amazon vendors went about getting the fake reviews. The team reported that Amazon vendors send to reviewers, or an... Read more...
One of the top U.S. fuel pipeline operators had to shutter its network this weekend due to a nasty ransomware attack. This effectively shut down approximately half of the East Coast’s fuel for both air and ground transportation. Though home heating oil prices are not expected to increase as a result, this does raise concerns about how vulnerable U.S. critical infrastructure is after seeing how disruptive this attack was. Colonial Pipeline is one of the largest pipeline operators in the United States, with over 5,500 miles of pipe delivering 100 million gallons of fuel across 14 different states and directly serving seven airports. The network, which you can see below, spans from New... Read more...
Dell is one of the most popular PC brands globally, selling millions of laptops, desktops, and server systems to everyday consumers and businesses alike each year. However, SentinelLabs researchers warned this week that five critical security flaws have been lurking in its firmware update driver since the early days of President Obama's first term. Attackers could have potentially exploited these flaws to conduct escalation of privilege attacks for kernel-level access on hundreds of millions of Dell and Alienware PCs. Multiple vulnerabilities were traced to Dell's firmware update driver version 2.3 (dbutil_2_3.sys) module. This module is responsible for Dell firmware updates using the Dell BIOS... Read more...
AI is spreading, and not in the creepy sci-fi dystopian kind of way, but by way of programs to help manage large tasks in critical business sectors, such as healthcare, finance, and defense. Now, Microsoft is releasing a tool called Counterfit, an “automation tool for security testing AI systems as an open-source project.” This way, companies will be able to “ensure that the algorithms used in their businesses are robust, reliable, and trustworthy.” As mentioned, AI systems are becoming more prevalent in business, powering many different services. Thus, these systems must be secure from adversaries so that important or confidential information is not lost. However, performing... Read more...
At the start of May, researchers at the University of Virginia announced that current Spectre chip vulnerability mitigations could be bypassed entirely, bringing the ghostly security flaw back to life. Intel has now officially responded by claiming that software coded following its specific security guidance protects against these new vulnerabilities. However, UVA researchers seem to disagree with the general sentiment. The question now is, who is right and what needs to happen to protect end-users? Here's Intel's full statement on the matter... “Intel reviewed the report and informed researchers that existing mitigations were not being bypassed and that this scenario is addressed... Read more...
Back in 2018, a processor security vulnerability called Spectre appeared, affecting all modern CPU architectures from Intel, AMD, and even ARM in the last 20 years. Since then, major players and semiconductor OEMs have worked hard to patch out the vulnerabilities in a cybersecurity whack-a-mole game, in some cases leading to performance loss and other issues. Today, unfortunately, University of Virginia researchers have found a way to circumvent all of the original Spectre security mitigations, essentially resurrecting the ghostly security flaw that will now again haunt billions of PCs globally. Of the vulnerabilities that appeared in 2018, Spectre was the nastier of the two primary... Read more...
If you catch the flu, you may be stuck at home or even bedridden for a few days until you get better. If you catch the FluBot malware, you could be at risk of losing sensitive information, such as banking details and personal information. While this malware campaign has not made it across the pond from Europe yet, it could make its way over while wreaking havoc along the way. In late 2020, an Android-based malware was discovered trying to spread itself and capture credit card data. Regardless of the version, the basis for the malware was phishing people with fake links to track packages using reputable names like FedEx and DHL. Once a user clicked a link, it would direct them to download a legitimate-looking... Read more...
Last week, the CEO of messaging app Signal got his hands on Cellebrite software, which is typically used for extracting data from mobile devices. Several security vulnerabilities were discovered with this acquisition, leading to Signal including files in its app that would corrupt all present and future data collected by the Cellebrite utility. Now, the Cellebrite Physical Analyzer, or “the most intrusive phone cracking tool offered by the company,” is no longer fully supporting iPhones. Cellebrite is an Israeli digital forensics and intelligence company that provides both hardware and software to crack phones. These products are used by law enforcement agencies around the world and... Read more...
Given that data leaks are occurring even more frequently these days, it is a matter of when, not if, your information makes it to the open web. Cybercriminals are constantly on the prowl looking for a new way to make a quick buck, and clearly the system is working for them. New data reports that over 5 billion records were lost to leaks through March, with 3.27 billion of them from one massive set of data alone. According to data collected by Hackmageddon and compiled by AtlasVPN, the five billion records lost came from an outstanding 42 different breaches across January, February, and March. Of those months, January was the busiest with a total of 23 breaches, whereas March was the meekest with... Read more...
The same group of hackers that hit the NBA's Houston Rockets basketball team with a ransomware attack earlier this month has now turned its sights on the police force in Washington, D.C. It is the latest in a string of concerning ransomware attacks aimed at police over the past several weeks, where data leaks can put people's lives in danger. More than just a potentially embarrassing situation, in which private information could be revealed to the public, unscrupulous hackers are also threatening to reveal the identity of police informants to gangs, according to a post on the dark web viewed by The New York Times. In such a scenario, a data dump could conceivably result in actual bodily harm,... Read more...
From time to time, malware will pop up that affects Apple devices which are typically touted as the superior option to other PCs for their security. This happened earlier this year with the mysterious Silver Sparrow malware that caught thousands of M1 Macs. Now, Mac users are being urged to patch again to prevent actively used malware, bypassing many of Apple’s core security measures with ease. File quarantine, Gatekeeper, and Application Notarization are three utilities that have been introduced over the years to help protect users. Effectively, these tools make it so Apple must essentially sign off on all software that could make it to a Mac. If some software somehow managed to sneak... Read more...
When we hear of ransomware attacks, it usually involves high-value targets, such as the recent $50 million attack against Apple supplier Quanta. This time, a ransomware gang took a different approach and targeted consumers and small businesses using QNAP devices and subsequently encrypted their files. In just five days, the gang managed to collect $260,000 in Bitcoin for unlocking all the devices they took hostage. On Monday, a ransomware operation called Qlocker kicked off, exploiting new vulnerabilities in QNAP NAS devices and leaving users to wake up to their files being locked up. The ransomware gang behind this pulled it off by scanning the web for connected QNAP devices and then locking... Read more...
When it comes to password management, users really have just a handful of options, and all of them have their caveats. If we choose to just use memorable passwords and recycle them between accounts, one account becoming compromised can lead to a group of them being in a bad state. On the other hand, relying on a cloud service to store passwords puts our security credentials on someone else's servers, and we're subject to whatever tracking those services may entail. Lastly, if we host our own password management solutions, one bad update can leak our credentials to the world. This third option is the story of Click Studios and PasswordState. PasswordState is a self-hosted, as opposed to cloud-hosted,... Read more...
The United States government has quietly handed over management of around 175 million traditional internet addresses (IPV4) to Global Resource Systems LLC, a small company in Florida, as part of a "pilot effort" to look for security issues. In case you are wondering, that works out to around 6 percent of all available IPV4 internet addresses. This transfer of management (not ownership) began several months ago. What started off as tens of millions of IP addresses quickly became over a hundred million, which on the surface is unusual—typically speaking, big chunks of the IPV4 space are controlled by large telecommunications companies, such as AT&T and Verizon. So how does Global Resource... Read more...
With all due apologies for the disappointing news, you did not win a set of Apple AirPods, no matter what that unsolicited text message you received may have said. The text message is a scam attempt, plain and simple. It has gotten so big that the Better Business Bureau (BBB) felt it necessary to issue a warning to the public, explaining how the text message con works. Tech savvy individuals (most of you reading this) will recognize this sort of thing right away. But even if you would never fall for such a thing, you can probably think of family members and friends who would. So if nothing else, pass the warning on to those you know who would be duped by what basically amounts to a popular phishing... Read more...
After a Reddit user alerted AMD to vulnerabilities within its web store that were making it easy for bots to buy hard-to-get graphics cards and other hardware before us regular folk ever stood a chance, it made some back-end changes and sent the user a t-shirt as a 'thank you' gift. All is now well in the world, right? Well, not exactly. There's still more work to be done on AMD's part. We're not talking about work in the broader sense, like securing more silicon so that supply can catch up with demand, even while being ravaged by cryptocurrency miners and scalpers. Much of that is outside of AMD's control—manufacturing partner TSMC recently indicated the general shortage of silicon could... Read more...
Israeli-based digital intelligence company Cellebrite provides software that enables the extraction of data from devices. While law enforcement loves this, it raises ire from phone manufacturers and individuals alike, with privacy concerns abounding. Interestingly, the CEO of Signal got their hands on one of these devices and managed to hack it, which provided some interesting insights, to say the least. For context, Cellebrite software seems to exist in a moral and legal grey area, when law enforcement can unlock phones without authorization by the owner. While it is important to note that Cellebrite software requires the device to be in the hands of the person attempting to get data, this may... Read more...
It is a miserable time now for securing PC gaming hardware like graphics cards and high-end processors. Securing AMD Radeon RX 6000 Series and NVIDIA GeForce RTX 30 Series graphics cards has been particularly troublesome due to demand from gamers and crypto miners. The supply issue has been compounded by people using bots to snatch up available graphics cards when they do come back in stock before the general public even has a chance to add the item to their cart. One Redditor, originofspices, decided to take matters into their own hands against bots ruining the purchase experience for AMD's web store. Digital River runs AMD's store, and it is rife with vulnerabilities that bots use to secure... Read more...
It does not seem Facebook will be able to catch a break this week after an accidental email revealed the company’s dismissive view of data leakage. The Silicon Valley social media company is facing a possible new leak after a researcher found he could link up to 5 million Facebook accounts to private email addresses daily. On Tuesday, a video made the rounds that showed a researcher, who remains anonymous, demonstrating a tool called “Facebook Email search v1.0.” This person explained to Ars Technica that as many as 5 million emails could be linked to Facebook accounts in a day, even if said emails were private on an account. Interestingly, the only reason we know of this leak... Read more...
Apple is bringing some color into people's lives with a new line of M1-powered iMac systems, available in green, yellow, orange, pink, purple, blue, and silver. As to what other changes Apple plans on making to its product lines, a hacking group is threatening to reveal them, after infiltrating servers belonging to one of the company's main suppliers. The hacking group goes by REvil, and it is the same one that recently breached Acer and stole files that included financial spreadsheets, bank balances, and bank communications, all of which it posted on its website called Happy Blog. The group is known for using ransomware in its attacks, and in the case of Acer, it had demanded $50 million. REvil... Read more...
This year, there have been several cybersecurity incidents, such as the Microsoft Exchange issue, across numerous industries and government organizations. It appears that the defense industry is now being targeted by at least two China-linked hacking groups who are leveraging Pulse Secure VPN devices from IT company Ivanti. Phil Richard, CSO at Pulse Secure, posted a security update today reporting that the company had been made aware of a new vulnerability with Pulse Connect Secure appliances. Subsequently, the company is working with security company FireEye, among others, to investigate and respond to the exploitative behavior on the vulnerable appliances. Pulse Secure Is An Ivanti Brand... Read more...
No platform is 100 percent secure, and lest anyone need reminding of that, a Mac malware campaign with Xcode developers in its sights has been modified to infect systems outfitted with Apple's fancy new M1 silicon. The end goal of this particular malware is to rob Mac users of their cryptocurrencies, by stealing login information related to cryptocurrency apps. The malware is called XCSSET, and it gained prominence in August 2020, when Trend Micro warned of its existence. "This scenario is quite unusual; in this case, malicious code is injected into local Xcode projects so that when the project is built, the malicious code is run. This poses a risk for Xcode developers in particular. The threat... Read more...